GAO Says NASA Needs To Remedy Key Vulnerabilities in Networks
The Government Accountability Office (GAO) released a report today recommending that NASA “take steps to mitigate control vulnerabilities and fully implement a comprehensive information security program.” In its summary of the report, “NASA Needs to Remedy Vulnerabilities in Key Networks,” (GAO-10-4) the congressional auditing agency said that:
“Although NASA has made important progress in implementing security controls and aspects of its information security program, it has not always implemented appropriate controls to sufficiently protect the confidentiality, integrity, and availability of the information and systems supporting its mission directorates. Specifically, NASA did not consistently implement effective controls to prevent, limit, and detect unauthorized access to its networks and systems.”
GAO wrote the report in response to congressional direction in the 2008 NASA Authorization Act. Rep. Bart Gordon (D-TN), chairman of the House Science and Technology Committee, issued a statement saying that the committee takes the issue of cybersecurity across the board very seriously and noted several hearings his committee has held and 12 pieces of legislation passed since 1987. He concluded, “However, regulation and legislation alone will not suffice. Agencies and departments must follow through with corrective actions to mitigate identified vulnerabilities. GAO has performed an invaluable service to NASA by identifying weaknesses and recommending needed improvements.”
User Comments
SpacePolicyOnline.com has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate. We do not post comments that include links to other websites since we have no control over that content nor can we verify the security of such links.